1. Field of the Invention
Apparatuses and methods consistent with the present invention relate to processing a digital rights object, and more particularly, to converting the digital rights object received from a rights issuer into a format for communicating with a portable storage device and transmitting and receiving the converted format of the digital rights object so that the load of the portable storage device can be reduced and data transmission efficiency can be increased.
2. Description of the Related Art
Recently, studies on digital rights management (hereinafter, referred to as DRM) have been actively conducted and commercial services using DRM have been introduced. The reason for using DRM is due to the properties of digital data. Digital content is apt to be copied and reused, processed and distributed, unlike analog data. However, it takes significant time and money to manufacture and distribute digital content. Accordingly, the counterfeiting and the distribution of digital content causes great losses to the manufacturer and it hinders digital content creation.
Efforts to protect digital content have been made in the past. However, only the access to digital content without permission was prevented. That is, a person who paid the cost for the digital content was allowed access to the digital content. However, if the consumer intentionally distributed the digital content to a third party, this third party could use the digital content without paying the cost.
DRM was introduced to solve this problem. DRM unlimitedly permits access to encrypted digital content, but it requires a license called a rights object in order to decrypt and play the encrypted digital content. Accordingly, DRM can efficiently protect digital content, unlike the existing method.
FIG. 1 is an exemplary view schematically showing the concept of digital rights management.
DRM relates to how content protected by a method such as cryptography (hereinafter, referred to as “encrypted content”) and the rights object for allowing access to the protected content are processed.
In FIG. 1, users 110, 150 that want to access the content protected by DRM, a content issuer 120 for issuing the content, a rights issuer 130 for issuing the rights object including the right for accessing to the content, and a certification authority 140 for issuing a certificate are shown.
The user A 110 can obtain desired content from the content issuer 120. At this time, the encrypted content protected by the DRM is obtained. The user A 110 can obtain the license for playing the encrypted content from the rights object received from the rights issuer 130. The user A 110 having the rights object can play the encrypted content. Since the encrypted content can be freely distributed, user A 110 can freely deliver the encrypted content to another user B 150. The user B 150 must have the rights object in order to play the encrypted content, and the rights object can be obtained from the rights issuer 130. The certification authority 140 issues the certificate representing that the user A 110 and the user B 150 are valid users. When manufacturing devices of the users 110, 150, the certificate may be input in the devices. However, if the certificate expires, the certificate can be reissued from the certification authority 140.
DRM can aid the digital content industry by protecting the manufacturers and suppliers of the digital content.
FIG. 2 is an exemplary view schematically showing the concept of the digital right management using a security multimedia card.
The user A 210 can obtain the encrypted content from a content issuer 220.
The rights object includes information about the encryption of the content, the definition of the right for the content, and usage restriction information of the content. In addition, the rights object includes the actual right. The right for the content may include a play right and the usage restriction information may include a play number, a play time, and a play period. Also, the right may include a move right or a copy right. That is, the rights object having the move right may be moved to another device or the security multimedia card, and the rights object having the copy right may be copied to another device or the security multimedia card. In the case of the move right, the original rights object is deactivated (this involves deleting the rights object or the right included in the rights object) by the movement of the rights object. But, in the case of the copy right, the original rights object can be used in the activated state.
The user A 210 obtains the encrypted content and requests the rights object from the rights issuer 230 so as to obtain the play right thereof.
If the user A 210 receives a rights object response and the rights object from the rights issuer 230, the user can play the encrypted content using the received rights object. When delivering the rights object to the user B 250 having the corresponding encrypted object, the user A 210 can deliver it using a portable storage device. In one embodiment, the portable storage device may be the security multimedia card 260 having a DRM function, and in this case the user A 210 moves the rights object into the security multimedia card 260 after performing authentication with the security multimedia card 260. The user A 210 requests the play right from the security multimedia card 260 and then receives the play right (for example, a content encryption key) from the security multimedia card 260 so that the encrypted content can be played. After performing the authentication with the user B 250, the security multimedia card 260 moves the rights object to the user B 250 or allows the user B 250 to play the encrypted content.
At this time, the rights object used in the DRM as mentioned above is shown in FIG. 3.
As shown in FIG. 3, the rights object used in DRM includes rights object information, DRM content management information, and DRM content usage restriction information.
The rights object information includes an identifier for identifying a rights object from the other rights objects.
DRM content is digital content where the usage is managed and controlled by the rights object, and the plural pieces of the DRM content management information may exist in one rights object. One set of DRM content management information includes a DRM content identifier and an encryption/decryption key for the DRM content.
The plural pieces of the DRM content usage restriction information may exist in one rights object and the DRM content usage restriction information refers at least one set of DRM content management information. Also, the DRM content usage restriction information includes information for controlling the usage of the DRM content, such as a usage number, a usage period and a usage date.
The rights object used in DRM can be expressed in XML format, and in this case, the portable storage device such as a MMC card, an SD card or a USB storage medium must have an XML parser function for interpreting the rights objects. However, the portable storage device, which has limited resources, is loaded so as to provide these functions. Also, since the XML rights object is not restricted in size, it may be difficult for the portable storage device to store the rights object.
Accordingly, the rights object must be converted to a new format so that the rights object can be efficiently managed.